Skip to main content

Pulse Connect Secure Zero-day Remote Code Execution Vulnerability

Release Date: 22 Apr 2021 2988 Views

RISK: Extremely High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability was identified in Pulse Connect Secure, a remote attacker could exploit this vulnerability to trigger remote code execution and security restriction bypass on the targeted system.

 

Note:

  • This vulnerability is reported to have been exploited in the wild.

[Updated 4-May-2021] Security update for Pulse Connect Secure has been released.


Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Pulse Conncet Secure 9.0R3 and Higher

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Workaround:
Import the workaround xml file to mitigate the vulunbility, please visit the software vendor web-site for more details.

 

Use Pulse Connect Secure Integrity Tool to check the integrity of file systems, please visit the software vendor web-site for more details.

 


Vulnerability Identifier


Source


Related Link